How to add values into Spring SecurityContextHolder

spring spring-mvc spring-security spring-webflow
10,786

Create simple SpringSecurityFilter filter. Use setDetails method to put extra details for the user. 

package org.example;  
public class CustomDeatilsSecurityFilter extends SpringSecurityFilter {

   protected void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain) {
      SecurityContext sec = SecurityContextHolder.getContent();
      AbstractAuthenticationToken auth = (AbstractAuthenticationToken)sec.getAuthentication();
      HashMap<String, Object> info = new HashMap<String, Object>();
      info.put("companyId", 42);
      auth.setDetails(info);
   }

}

Add it to the Spring Security Filter Chain like this (this is NOT web.xml, but something like applicationContext-security.xml):

<bean id="customDeatilsSecurityFilter" class="org.example.CustomDeatilsSecurityFilter">
   <custom-filter position="LAST" />
</bean>

Then somewhere in the code you may do something like this:

Map<String, Object> info = (Map<String, Object>)SecurityContextHolder.getContext().getAuthentication.getDetails();  
int companyId = info.get("companyId");

Basic installation of Spring Security in web.xml

<context-param>
    <param-name>patchConfigLocation</param-name>
    <param-value>
        classpath:/applicationContext.xml
       /WEB-INF/applicationContext-datasource.xml
       /WEB-INF/applicationContext-security.xml
    </param-value>
</context-param>

<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

in applicationContext-security.xml

<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:p="http://www.springframework.org/schema/p"
    xmlns:sec="http://www.springframework.org/schema/security"
    xmlns:context="http://www.springframework.org/schema/context"
    xmlns:util="http://www.springframework.org/schema/util"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="
        http://www.springframework.org/schema/beans
        http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
        http://www.springframework.org/schema/context
        http://www.springframework.org/schema/context/spring-context-3.2.xsd
        http://www.springframework.org/schema/security
        http://www.springframework.org/schema/security/spring-security-3.1.xsd
        http://www.springframework.org/schema/util
        http://www.springframework.org/schema/util/spring-util-3.2.xsd">  
...
    <bean id="customDeatilsSecurityFilter" class="org.example.CustomDeatilsSecurityFilter">
       <custom-filter position="LAST" />
    </bean>
...

in project's pom.xml

    <!-- Spring Security -->
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-web</artifactId>
        <version>3.1.3.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-config</artifactId>
        <version>3.1.3.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-core</artifactId>
        <version>3.1.3.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-acl</artifactId>
        <version>3.1.3.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-taglibs</artifactId>
        <version>3.1.3.RELEASE</version>
    </dependency>
    <!-- !Spring Security -->
Share:
10,786
edaklij
Author by

edaklij

Looking Up.

Updated on June 16, 2022

Comments

  • edaklij
    edaklij almost 2 years

    I have there login parameters 

    1.userName

2.password

3.companyId

    I have got user name and password using following code

     Authentication auth = SecurityContextHolder.getContext().getAuthentication();

 String name = auth.getName();

 String pwd = auth.getCredentials();

 String companyId= ???//How can i set and then get company Id here.

    My Question is how can i get an extra login parameter(companyId) using SecurityContextHolder?

    The extracting class may not be a spring controller.That is why i am using SecurityContextHolder instead of HttpSession.

    Thanks,

  • edaklij
    edaklij over 10 years
    Thanks Anton Shchastnyi.. What is auth? can you please give me a full example?.I Am quite new in spring.
  • edaklij
    edaklij over 10 years
    inherited class "SpringSecurityFilter " does not exist.?? How can we specify "custom-filte" inside a normal bean?
  • Anton Shchastnyi
    Anton Shchastnyi over 10 years
    Ok, consider updating your project's pom.xml, web.xml, and security.xml. Make sure you properly included Spring's applicationContext.xml, applicationContext-security.xml
  • edaklij
    edaklij over 10 years
    Thanks Anton Shchastnyi..But how can we extend "SpringSecurityFilter"..there is no such class...
  • Anton Shchastnyi
    Anton Shchastnyi over 10 years
    Oh, I am sorry it looks like this class is in older versions of Spring Security docs.spring.io/autorepo/docs/spring-security/2.0.x/apidocs/o‌​rg/…. So you may downgrade from 3.1.3.RELEASE to 2.0.x in order to launch the code above, or you may update Authentication object in some other place. Consider looking at stackoverflow.com/questions/18220556/…
  • edaklij
    edaklij over 10 years
    could you please update your code as 3.1.3.RELEASE,Then i shall accept your answer..

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Step by step login example using spring security 3.0 with hdbc
How to add Spring WebSecurityConfig to an existing project
Integrating Spring Security with SiteMinder
Spring security 401 Unauthorized even with permitAll
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'requestMappingHandlerMapping' defined
How to use AuthorizationServerSecurityConfigurer?
Java Spring Security - User.withDefaultPasswordEncoder() is deprecated?
Cannot get rid of "An Authentication object was not found in the SecurityContext" in a Spring Boot application without @WithMockUser
spring security get user id from DB
Could not verify the provided CSRF token because your session was not found